Reddit DevOps
Does devops count as software engineering?

Hello, I am just curious. I entered college as a CS major but the program was canned at the beginning of covid, & I lost all my internships.

Now, I’m a CyberSecurity engineer & have been in IT for the last 2.5yrs.

Part of me wants to go back to my original passion of software development, but IT is what I’m good at and what I’ve been doing.

Is this a real path for me? I’m thinking about getting back into coding and maybe applying for an internal opening at my current job.

https://redd.it/1jb6iwp
@r_devops
Need to learn advanced terraform

Hi all, I was given 3 months to sharpen my Terraform skills if I want to remain in the team. I'm looking for advanced Terraform resources: not the basic lessons for the certification path, but more real production scenarios. I would be thankful if someone could suggest some mentorship or a platform with online labs. Thanks!

https://redd.it/1jb7iqt
@r_devops
What are you using for secrets management?

With IBM acquiring hashi, are you exploring alternatives? I’ve heard it’s hard to scale for enterprise and involves high cost. True?

Looking to explore options.

https://redd.it/1jb700s
@r_devops
Advice Needed: Internal Terraform Module Versioning

Hey everyone,

I’m working on setting up a versioning strategy for internal Terraform modules at my company. The goal is to use official AWS Terraform modules but wrap them in our own internal versions to enforce company policies—like making sure S3 buckets always have public access blocked. Let's say we want to use the official S3 module: we create a new module in our org which still references the official module (not a fork), turn off a few features (ex: disable public access) and provide filtered features for the application teams.

Right now, we’re thinking of using a four-part versioning system like this:

X.Y.Z-org.N

Where:

* `X.Y.Z` matches the official AWS module version.
* `org.N` tracks internal updates (like adding security features or disabling certain options).

For example:

* If AWS releases `4.2.1` of the S3 module, we start with `4.2.1-org.1`.
* If we later enforce encryption as default, we’d update to `4.2.1-org.2`.
* When AWS releases `4.3.0`, we sync with that and release `4.3.0-org.1`.

# How we’re implementing this:

* Our internal module still references the official AWS module, so we’re not rewriting resources from scratch.
* We track internal changes in a changelog (`CHANGELOG.md`) to document what’s different.
* Teams using the module can pin versions like this:

        module "s3" {
          source  = "git::https://our-repo.git//modules/s3"
          version = "~> 4.2.1-org.0"
        }

* Planning to use CI/CD pipelines to detect upstream module updates and automate version bumps.
* Before releasing an update, we validate it using `terraform validate`, security scans (tfsec), and test deployments.

# Looking for advice on:

1. Does this versioning approach make sense? Or is there a better way to track internal changes while keeping in sync with AWS updates?
2. For those managing internal Terraform modules, what challenges have you faced?
3. How do you make sure teams upgrade safely without breaking their deployments?
4. Any tools or workflows that help track and sync upstream module updates?

https://redd.it/1jb9pvq
@r_devops
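An added example, not part of the original post or of any AWS or Terraform code: SemVer 2.0.0 precedence applied to the `X.Y.Z-org.N` scheme described above. Under SemVer a `-org.N` suffix is a pre-release, so `4.2.1-org.2` ranks below upstream `4.2.1`; the function names (`parse`, `precedence_key`, `next_internal`, `newest`) are hypothetical.

```python
import re

# SemVer 2.0.0: core version, optional -pre-release, optional +build metadata.
SEMVER = re.compile(
    r"^(\d+)\.(\d+)\.(\d+)"
    r"(?:-([0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*))?"
    r"(?:\+([0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*))?$"
)

def parse(version):
    """Split a version into (core tuple, pre-release identifiers)."""
    m = SEMVER.match(version)
    if not m:
        raise ValueError(f"not a SemVer string: {version!r}")
    core = tuple(int(p) for p in m.group(1, 2, 3))
    pre = tuple(m.group(4).split(".")) if m.group(4) else ()
    return core, pre  # build metadata is ignored for precedence

def _ident_key(ident):
    # Numeric identifiers compare as integers and sort below alphanumeric ones.
    return (0, int(ident), "") if ident.isdigit() else (1, 0, ident)

def precedence_key(version):
    """Sort key implementing SemVer precedence."""
    core, pre = parse(version)
    if not pre:
        return (core, 1)  # a plain release outranks its own pre-releases
    return (core, 0, tuple(_ident_key(i) for i in pre))

def next_internal(upstream, released):
    """Next X.Y.Z-org.N tag for an upstream release, given tags already cut."""
    core, pre = parse(upstream)
    if pre:
        raise ValueError("upstream version must be a plain X.Y.Z release")
    taken = []
    for tag in released:
        c, p = parse(tag)
        if c == core and len(p) == 2 and p[0] == "org" and p[1].isdigit():
            taken.append(int(p[1]))
    return f"{upstream}-org.{max(taken, default=0) + 1}"

def newest(tags):
    return max(tags, key=precedence_key)

if __name__ == "__main__":
    tags = ["4.2.1-org.2", "4.2.1-org.10", "4.3.0-org.1"]  # constructed sample
    print(sorted(tags, key=precedence_key), next_internal("4.2.1", tags))
```

Terraform treats suffixed versions as pre-releases and selects them only through an exact version constraint, and the `version` argument is honoured only for registry sources, so a git source is pinned with `?ref=` instead.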
github actions for bumpversion and release automatic?

Hi, more often than not I want to:

- take last git tag matching v[0-9].[0-9].[0-9]
- bump major, minor or patch version
- sed "s/VERSION=.*/VERSION=$NEW_VERSION/" somefile.yml
- git add -A && git commit -m "bump version" && git push
- git tag "$NEW_VERSION" && git push --tags

And then from tag github actions pipeline I would want to:
- and this and that to artifacts
- make a github actions release from all the commits from the last release
- and add an artifact to that github actions

I would want the "bump" to be a manual github action, such incrementing version in a file, pushing new tag, creating new release is automated.

There are many small pieces in different places, many small actions that solve parts of the above problems, that I can pick up and stick together and write my own.

I wonder, maybe someone has ready-to-use showcase for me to see or recommendations how it's solved and how it's done with github-actions and what is the workflow here. Thank you.

https://redd.it/1jbbsrw
@r_devops
I saved 10+ of repetitive manual steps using just 4 GitHub Actions workflows

Hey, I wanted to share a small project I’ve been working on recently with you. It’s called „one branch to rule them all”. What I think will be the most interesting part for this community is the last part: https://www.toolongautomated.com/posts/2025/one-branch-to-rule-them-all-4.html

As part of this project, I’ve managed to automate multiple steps that previously had to be done manually over and over, every time the PR gets merged to trunk (or even on every commit in the PR when running unit tests).

It’s part of a larger design that lets users deploy a containerized application to multiple environments like staging or production conveniently.

I’ve made everything open source on GitHub, here’s the GitHub Actions workflow piece: https://github.com/toolongautomated/tutorial-1/tree/main/.github/workflows

What do you think about it from the automation/design perspective? What would you do differently or what do you think should be added?

https://redd.it/1jbajbr
@r_devops
When I say "deployments" what do you think of first?

Ok, trying to get some feedback on what we call a specific feature. I have an inkling, but wanted to pulse check with this group

When I say "deployments" what do you think of first as it relates to your day to day work?

https://redd.it/1jbf1g9
@r_devops
GitHub Actions - Pull Requests vs Push prioritisation

Hey colleagues!

I am struggling with a small issue but I have a feeling that I am missing something obvious. I have a workflow on a specific branch and we (as the team) want to have two triggers:

* once we push something to this branch
* once the PR is merged (however we need to have github.event = pull_request, as we leverage labels in the pipeline, so it's a crucial point for us)

It seems quite easy, we just do something like:

    on:
      push:
        branches:
          - branch
      pull_request:
        types: [closed]
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
      cancel-in-progress: true
    (...)

But the problem occurs when the PR is merged. We have noticed that concurrency cancels one of the jobs, but sometimes the cancelled job is triggered from PR and sometimes from push. We need to let only the PR job run, and not the push one.

I hope that someone from outside looks at this and says we are silly because we miss an obvious thing. :)
Thanks in advance for any comment.

https://redd.it/1jbfkt1
@r_devops
How do you output logs when using concurrently?

I do a prettier-check and a type-check at the same time using concurrently, but the logs don't get output on the screen at the end when it finds errors. How do you log everything whether you're on Windows or Linux? Is there a solution for this?

https://redd.it/1jbeyag
@r_devops
Automated Diagram Solution for AWS Serverless Apps

I am being assigned to build CICD of multiple AWS serverless applications in the coming days. Each application will have a separate repo. Each repository will be one serverless application consisting of multiple lambdas, apigw, sns, sqs and one YAML file containing all infra definitions. I have experience with AWS SAM for building and deploying, and mostly we will be using it for CICD.

I am looking for an automated diagram solution where I can feed my YAML file (or something more, if needed) to a CLI or POST URL and it will spit out a PNG file. I know AWS CloudFormation can be used to export the image but I don't find it elegant and readable enough.

Does anyone have it fully automated and would like to share their experience?

https://redd.it/1jbpel3
@r_devops
Thinking about migrating from Terraform to Pulumi

I have an entire infrastructure built on Terraform with 500+ resources and I’m thinking of migrating it to Pulumi since it seems cooler with the GUI part on their website and lets you use Python to provision infrastructure.

What do you think, is it worth it?
Is the migration painful?

Thanks

https://redd.it/1jbqwxg
@r_devops
Illegal IPTV infrastructure: how do they make it happen? costs? bandwidth?

I'm wondering how illegal IPTV services manage their infrastructure. This must require a lot of bandwidth, and I bet they are not using GCP or AWS.

What do you think they use? Do they find cheap VPS options with no egress charges? Do you think they are advanced enough to run Kubernetes, Ansible automation, etc.?

I'm curious to hear your thoughts on how this works...

https://redd.it/1jbs197
@r_devops
"headless" CI / build server

Hi all!

I'm pretty new to the whole devops game, but I wondered if there was something like Jenkins or Drone I could host on-prem that just takes a tar-ed codebase (which will be Java projects using Gradle or Maven), runs the build task (so like `./gradlew build`), and then uploads the artifacts to something like S3 for me?

I'd want this to be triggerable via an API, but something like Jenkins and Drone always expect to be connected to a repo or have a "project" attached to a build.

But because the codebases I will be building are very disconnected from each other, even be multi-tenant, so not every project even comes from the same customer, I'd want to do the business logic on my own.


Does anyone here know if there's something out there that would fit me here? Or even, prove me wrong and point me somewhere I could learn how to do this *using* Jenkins, or, preferably, Drone?


Thanks in advance!

https://redd.it/1jbru7y
@r_devops
PyPI Malicious Packages Threaten Cloud Security


Fake packages in the Python Package Index put cloud security at risk. Researchers have identified two malicious packages posing as 'time' utilities and, alarmingly, they gained over 14,100 downloads. The downloaded packages allowed for unauthorized access to sensitive cloud access tokens.

The incident highlights the pressing need for developers and DevOps practices to scrutinize package dependencies more rigorously. With the ties these malicious packages have to popular projects, awareness and caution are crucial in order to avert potential exploitation.

- Over 14,100 downloads of two malicious package sets identified.

- Packages disguised as 'time' utilities exfiltrate sensitive data.

- Suspicious URLs associated with packages raise data theft concerns.

(View Details on PwnHub)


https://redd.it/1jbxxok
@r_devops
Tj-actions/changed-files GH Action is compromised.

https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised

We use this one in our workflows.

It seems like it shouldn't be a problem if your repos are private or internal.

Public repos will definitely want to determine their level of exposure.

https://redd.it/1jbzdsm
@r_devops
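An added example, not part of the original post or the linked article: one way to start determining exposure is to inventory every `uses:` reference in a repository's workflow files and flag the action named above, along with any reference that is a tag or branch instead of a full commit SHA. The sample workflow, its refs and the function names (`audit_workflow`, `needs_review`) are constructed for illustration.

```python
import re

# `uses: owner/repo[/subpath]@ref`; local (./...) and docker:// references do not match.
USES = re.compile(
    r"^\s*(?:-\s*)?uses:\s*['\"]?([\w.-]+/[\w.-]+(?:/[^@\s'\"]+)?)@([^\s'\"#]+)",
    re.MULTILINE,
)
FULL_SHA = re.compile(r"[0-9a-f]{40}")
WATCHED = "tj-actions/changed-files"  # the action named in the post

# Constructed sample workflow; the refs and the SHA are made up for illustration.
SAMPLE = """\
name: ci
on: [pull_request]
jobs:
  diff:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
      - name: List changed files
        uses: tj-actions/changed-files@v1
      - uses: ./.github/actions/local-lint
"""

def audit_workflow(text):
    """Return one finding per third-party `uses:` reference in a workflow file."""
    findings = []
    for m in USES.finditer(text):
        action, ref = m.group(1), m.group(2)
        owner_repo = "/".join(action.split("/")[:2]).lower()
        findings.append({
            "line": text.count("\n", 0, m.start(1)) + 1,
            "action": action,
            "ref": ref,
            # A tag or branch can be moved to another commit; a full SHA cannot.
            "pinned_to_sha": FULL_SHA.fullmatch(ref) is not None,
            "watched": owner_repo == WATCHED,
        })
    return findings

def needs_review(findings):
    """Findings that reference the watched action or use a mutable ref."""
    return [f for f in findings if f["watched"] or not f["pinned_to_sha"]]

if __name__ == "__main__":
    for f in needs_review(audit_workflow(SAMPLE)):
        print(f"line {f['line']}: {f['action']}@{f['ref']} "
              f"(watched={f['watched']}, pinned={f['pinned_to_sha']})")
```

A SHA pin only shows that the reference cannot be moved; whether the pinned commit itself is trustworthy still has to be checked against the advisory.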
Devops market, real situation.

Guys, I’ve been out of a job for a long time. Been on and off doing some side hustles to keep up with bills etc. Have a family. So, long story short, recently I started upgrading my skills: Kubernetes, AWS, Python etc. I’m doing a lot of labs and a lot of troubleshooting along the way. But the frustration comes from my surroundings. I have people around me, engineers, and whenever we meet, they try to take me down with crazy stories that the market is terrible, there are no jobs, we all sit at work scared that layoffs might happen any day soon etc. So basically they say ‘don’t even dream about it’. But I have hit rock bottom, can pay my bills, or barely pay. So I need some real perspective from you guys; I trust and believe you're gonna share the real story. Cuz whenever I google DevOps jobs near me it pops up a lot of jobs. So I don’t know whether it’s all fake just for statistics or what the true situation is like. Appreciate your input.

https://redd.it/1jc0xaf
@r_devops
Anyone using GKE with Windows nodes?

Hey,

I have got the task of managing GKE clusters that have Windows nodes with a couple of containers running on them.

The main problem I'm having is cold starts. The container images are quite big and we have a spiky load, meaning that during working hours we scale up to a hundred and something nodes and then we go back to a dozen.

I have tried multiple approaches to improve this but it seems that GKE doesn't support custom node images nor using secondary disks for image caching/streaming.

If you have any tips they would be highly appreciated.

Thanks!

https://redd.it/1jc0tvh
@r_devops
Docker Login to Nexus Failing in Jenkins Pipeline (Mac)

Hey everyone,

I’m struggling with a Jenkins pipeline issue when trying to log in to Nexus using Docker. Here’s the error I’m getting:
*****************************************************************************
docker login -u admin -p ****** https://nexus:8083

WARNING! Using --password via CLI is insecure. Use --password-stdin

Error response from daemon: Get "https://nexus:8083/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

*****************************************************************************
My setup:

• OS: Mac

• Docker: Docker Desktop installed

• CI/CD tools running in Docker containers: Jenkins, SonarQube, Nexus

• Jenkins setup: Docker is installed inside the Jenkins container

• Nexus: Running as a container

• Users & Permissions: Created a group in Nexus and added my user to it

I’ve already tried:

• Running docker login manually inside the Jenkins container → Same timeout error

• Checking if Nexus is accessible (curl https://nexus:8083) → Sometimes works, sometimes times out

• Restarting Nexus & Jenkins → No change

I’ll attach some screenshots from my Jenkins logs, Nexus settings, and Docker setup.

Has anyone faced a similar issue? Could it be a networking issue with Docker? Any suggestions would be appreciated!

Thanks in advance.


https://redd.it/1jc2mzw
@r_devops
# TracePerf: TypeScript-Powered Node.js Logger That Actually Shows You What's Happening

Hey devs! I just released **TracePerf** (v0.1.1), a new open-source logging and performance tracking library built with TypeScript that I created to solve real problems I was facing in production apps.

# Why I Built This

I was tired of:

* Staring at messy console logs trying to figure out what called what
* Hunting for performance bottlenecks with no clear indicators
* Switching between different logging tools for different environments
* Having to strip out debug logs for production

So I built TracePerf to solve all these problems in one lightweight package.

# What Makes TracePerf Different

Unlike Winston, Pino, or console.log:

* **Visual Execution Flow** - See exactly how functions call each other with ASCII flowcharts
* **Automatic Bottleneck Detection** - TracePerf flags slow functions with timing data
* **Works Everywhere** - Same API for Node.js backend and browser frontend (React, Next.js, etc.)
* **Zero Config to Start** - Just import and use, but highly configurable when needed
* **Smart Production Mode** - Automatically filters logs based on environment
* **Universal Module Support** - Works with both CommonJS and ESM
* **First-Class TypeScript Support** - Built with TypeScript for excellent type safety and IntelliSense

# Quick Example

    // CommonJS
    const tracePerf = require('traceperf');
    // or ESM
    // import tracePerf from 'traceperf';

    function fetchData() {
      return processData();
    }

    function processData() {
      return calculateResults();
    }

    function calculateResults() {
      // Simulate work
      for (let i = 0; i < 1000000; i++) {}
      return 'done';
    }

    // Track the execution flow
    tracePerf.track(fetchData);

This outputs a visual execution flow with timing data:

Execution Flow:
┌──────────────────────────────┐
│ fetchData │ 5ms
└──────────────────────────────┘


┌──────────────────────────────┐
│ processData │ 3ms
└──────────────────────────────┘


┌──────────────────────────────┐
│ calculateResults │ 150ms ⚠️ SLOW
└──────────────────────────────┘

# TypeScript Example

    import tracePerf from 'traceperf';
    import { ITrackOptions } from 'traceperf/types';

    // Define custom options with TypeScript
    const options: ITrackOptions = {
      label: 'dataProcessing',
      threshold: 50, // ms
      silent: false
    };

    // Function with type annotations
    function processData<T>(data: T[]): T[] {
      // Processing logic
      return data.map(item => item);
    }

    // Track with type safety
    const result = tracePerf.track(() => {
      return processData<string>(['a', 'b', 'c']);
    }, options);

# React/Next.js Support

    import { useEffect } from 'react';
    import tracePerf from 'traceperf/browser';

    function MyComponent() {
      // Run the tracked operation once, after the first render
      useEffect(() => {
        tracePerf.track(() => {
          // Your expensive operation
        }, { label: 'expensiveOperation' });
      }, []);

      // ...
    }

# Installation

    npm install traceperf

# Links

* [GitHub Repo](https://github.com/thelastbackspace/traceperf)
* [NPM Package](https://www.npmjs.com/package/traceperf)
* [Documentation](https://github.com/thelastbackspace/traceperf#readme)

# What's Next?

I'm actively working on:

* More output formats (JSON, CSV)
* Persistent logging to files
* Remote logging integrations
* Performance comparison reports
* Enhanced TypeScript types and utilities

Would love to hear your feedback and feature requests! What logging/debugging pain points do you have that TracePerf could solve?

https://redd.it/1jc4mjx
@r_devops
Host in Apache Web server with React

Hello! I’m currently practicing deployment on web servers and I really can’t find any solution online, so I came to ask here.

I’m currently deploying a Vite React TypeScript app with TanStack routing, but I'm experiencing a major problem.

Whenever I go to my URL, which is my subdomain, it works well, but when I navigate to certain routes, which are file-based routes, it gives me an Internal Server Error which I really don’t have any idea about. Here are the steps I did:

(file structure)
/SubDomain
- .htaccess
- ./dist (after build i deleted everything except .dist)

.htaccess:


    RewriteEngine On

    # Force redirect from HTTP to HTTPS
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    # Serve static files from the dist folder
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ /dist/$1 [L]

    # Handle SPA routing (React/Tanstack Router)
    # Redirect any request that isn't a file or directory to index.html
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ /dist/index.html [L]

    # Explicitly set DirectoryIndex to index.html
    DirectoryIndex /dist/index.html

Thankss..

https://redd.it/1jcdwet
@r_devops